Research On Attribute Based Encryption Algorithms

With the widely spread of the Internet and the development of distributed computing technology,the traditional one-to-one communication mode of public key encryption cannot satisfy the current distributed and open external environment.As a generalization of the identity-based encryption algorithm,attribute-based encryption algorithm uses a series of descriptive attributes to denote a user identity,allowing the data owner shares the encrypted data with users who hold a certain set of attributes and achieving the one-to-many communication mode.In the attribute-based encryption scheme,user secret keys are associated with attributes(or access structure),ciphertext is associated with access structure(or attributes),when a user's secret keys satisfy the access structure in the ciphertext(or the attributes in the ciphertext satisfy the user's secret key access structure),the user can decrypt the ciphertext,achieving fine-grained access control,and the ABE scheme is suitable for the data sharing encryption in the cloud storage and so on.This paper mainly does a research on revocable ABE scheme and hierarchical authority ABE scheme,the main work is as follows:1.Aiming at the issue of the change of user attribute,based on the study of the existing schemes,we put forward a revocable CP-ABE scheme.In our scheme,the authority uses the secret splitting technology to distribute secret keys for users in the system,the data owner uses the linear secret sharing scheme(LSSS)access structure to encrypt the ciphertext.The proxy is introduced,and we achieve the control of attribute revocation through the proxy re-encryption.The user without attribute revocation updates his secret keys according to the key encryption key tree to decrypt.A single user's attribute revocation does not affect other users with this attribute in this scheme,achieving fine-grained attribute revocation.The secrity analysis shows,the scheme can resist collusion attack,ensure encrypted data confidentiality and forward/backward secrecy efficientively,and the scheme is secure under the decisional q-PBDHE assumption.2.Aiming at the issue of user hierarchical distribution in a large organized structure,based on the KP-ABE algorithm,combining the idea of HIBE,we put forward a hierarchical authority key-policy attribute-based encryption scheme.The scheme sets up a organized structure of the central authority manages and the multi-authority distributes in hierarchy,every level authority is responsible for managing the users in this level and computing root key parameters for the next authority.In the phase of key generation,tree access structure which supports attribute AND,OR and threshold operation is used,enriching the forms of access policy.Different user secret keys are associated with different random polynomials,preventing users from colluding,satisfying thedemand of resisting collusion attack,what's more,the scheme is secure under the decisional MBDH assumption.The new scheme relieves the burden of a single authority,reduces the risk of users' private keys leak when the single authority server is attacked,and is suitable for the current distributed computing environment.